URL: http://colegioanahuac.mx/quintob/dieta/images/up.html
Submission: On June 03 via automatic, source openphish

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 18 HTTP transactions. The main IP is 72.29.77.180, located in Orlando, United States and belongs to DIMENOC - HostDime.com, Inc., US. The main domain is colegioanahuac.mx.
This is the only time colegioanahuac.mx was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: eBay (E-commerce)

Domain & IP information

Requests IP Address AS Autonomous System
1 72.29.77.180 33182 (DIMENOC)
10 2.18.234.107 16625 (AKAMAI-AS)
1 1 66.135.195.83 11643 (EBAY)
1 2.18.233.20 16625 (AKAMAI-AS)
1 23.67.135.182 20940 (AKAMAI-ASN1)
1 66.135.211.22 11643 (EBAY)
1 1 66.211.185.47 11643 (EBAY)
1 2 176.120.18.70 198911 (BML-AS)
1 2.18.233.21 16625 (AKAMAI-AS)
18 8
Requests Domain Requested by
6 secureir.ebaystatic.com colegioanahuac.mx
2 securepics.ebaystatic.com colegioanahuac.mx
1 c.paypal.com www.paypalobjects.com
1 dub.stats.paypal.com colegioanahuac.mx
1 b.stats.paypal.com 1 redirects
1 www.ebay.com colegioanahuac.mx
1 signin.ebay.com 1 redirects
1 srv.de.ebayrtm.com colegioanahuac.mx
1 signin.ebay.de colegioanahuac.mx
1 www.paypalobjects.com colegioanahuac.mx
1 rover.ebay.de colegioanahuac.mx
1 rover.ebay.com 1 redirects
1 colegioanahuac.mx
0 586a5c14962lezvo.stats.ebay.com Failed colegioanahuac.mx
0 b.stats.ebay.com Failed colegioanahuac.mx
18 15

This site contains links to these domains.

Domain
www.ebay.de
scgi.ebay.de
qu.ebay.de
pages.ebay.de
seal.verisign.com
www.verisign.com
Certificates (Subject / Issuer / Validity / Valid for)
signin.ebay.com / DigiCert SHA2 Secure Server CA / 2018-04-26 - 2019-04-27 / a year (crt.sh)
www.paypal.com / Symantec Class 3 EV SSL CA - G3 / 2017-09-22 - 2019-10-30 / 2 years (crt.sh)

This page contains 6 frames:

Primary Page: http://colegioanahuac.mx/quintob/dieta/images/up.html
Frame ID: 8533E87E5EACA14772F25B2D8158E9F0
Requests: 13 HTTP requests in this frame

Frame: https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.akamai.pp.min.js
Frame ID: 0E01DA649BD9FCA257F96A751F0082DA
Requests: 1 HTTP requests in this frame

Frame: https://signin.ebay.de/t_n.html?org_id=usllpic0&session_id=62586a6c1490a604a4639ae3ffee0df4
Frame ID: ED83FF1F40307697B915F5BDF40FF415
Requests: 1 HTTP requests in this frame

Frame: https://srv.de.ebayrtm.com/rtm?RtmGetCapJs&p=18&rqid=62586a6c1490a604a46238b2ffe7689d&cb=parent.window.updateRtmField
Frame ID: 0655495579D65426644AD474C1990E18
Requests: 1 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/counter2.cgi
Frame ID: 3B189381710D693A99BCC94205F33DB9
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.akamai.pp.min.js
Frame ID: 55C8F3A3BF5944F30C595074608BAF1D
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • env /^SWFObject$/i

Page Statistics

Requests: 18
HTTPS: 11 %
IPv6: 0 %
Domains: 7
Subdomains: 15
IPs: 8
Countries: 3
Transfer: 168 kB
Size: 344 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://rover.ebay.com/roversync/?site=77&stg=1&mpt=1414694201964 HTTP 301
  • https://rover.ebay.de/roversync/?site=77&stg=1&cguid=c46599e61630a9c118d51d1cf9f76939&mpt=1528008382950
Request Chain 14
  • https://signin.ebay.com/ws/eBayISAPI.dll?SignInAuthRedirect&guid=true&isV4=true&ct=AQAAAUlO5vGbAAU3RXhCWHQrZzhFdGZsVHhxQXJBOEhmdHNqeXlJNmhKQlR1UFhFU1JNNGRjPYom%2FKdZawSCiywTZ99cF4jNndxh HTTP 302
  • https://www.ebay.com/ws/eBayISAPI.dll?SignInAuthRedirect&guid=true&isV4=true&ct=AQAAAUlO5vGbAAU3RXhCWHQrZzhFdGZsVHhxQXJBOEhmdHNqeXlJNmhKQlR1UFhFU1JNNGRjPYom%2FKdZawSCiywTZ99cF4jNndxh
Request Chain 15
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD02MjU4NTljODE0OTBhNTZjZDYzMTg1ZTJmZmZkOGU2YSZpPTg2LjEyNi4xMjQuODgmdD0xNDE0Njk0MjAxJmE9MjB8RJs43LtT_IwOMUtbSVsiKUY9bw== HTTP 302
  • https://dub.stats.paypal.com/counter2.cgi

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request up.html
colegioanahuac.mx/quintob/dieta/images/
53 KB
54 KB
Document
General
Full URL
http://colegioanahuac.mx/quintob/dieta/images/up.html
Protocol
HTTP/1.1
Server
72.29.77.180 Orlando, United States, ASN33182 (DIMENOC - HostDime.com, Inc., US),
Reverse DNS
smx5.hostdime.com.mx
Software
Apache /
Resource Hash
d9c9cf360a34a7a8a0e831a70e7edd079e4cea3ce9c2c99f60c7c48c42c9e200

Request headers

Host
colegioanahuac.mx
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
8533E87E5EACA14772F25B2D8158E9F0

Response headers

Date
Sun, 03 Jun 2018 06:46:21 GMT
Server
Apache
Last-Modified
Sun, 04 Jan 2015 13:31:56 GMT
Accept-Ranges
bytes
Content-Length
54649
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
xiqygkjz2qyibmxshntsverhaeq.png
secureir.ebaystatic.com/rs/v/
5 KB
5 KB
Image
General
Full URL
https://secureir.ebaystatic.com/rs/v/xiqygkjz2qyibmxshntsverhaeq.png
Requested by
Host: colegioanahuac.mx
URL: http://colegioanahuac.mx/quintob/dieta/images/up.html
Protocol
SPDY
Server
2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-107.deploy.static.akamaitechnologies.com
Software
eBay Server /
Resource Hash
5440e48584e47738479ccd905576e9ddf2097d07b6c7ba81dda6eeb13b1d4af0

Request headers

Referer
http://colegioanahuac.mx/quintob/dieta/images/up.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Sun, 03 Jun 2018 06:46:22 GMT
last-modified
Mon, 06 Oct 2014 23:42:32 GMT
server
eBay Server
status
200
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
rlogid
t6q%60utuf%3C%3Dosuufvuq%60%2844%3B54%3E7-163c4208a5b-0xce
x-ebay-request-id
163c4208-a5b0-aa12-87a3-eeb6ffe1fbf3
x-ebay-c-version
1.0.0
access-control-allow-headers
*
content-length
4820
expires
Mon, 03 Jun 2019 06:46:22 GMT
/
rover.ebay.de/roversync/
Redirect Chain
  • https://rover.ebay.com/roversync/?site=77&stg=1&mpt=1414694201964
  • https://rover.ebay.de/roversync/?site=77&stg=1&cguid=c46599e61630a9c118d51d1cf9f76939&mpt=1528008382950
42 B
482 B
Image
General
Full URL
https://rover.ebay.de/roversync/?site=77&stg=1&cguid=c46599e61630a9c118d51d1cf9f76939&mpt=1528008382950
Requested by
Host: colegioanahuac.mx
URL: http://colegioanahuac.mx/quintob/dieta/images/up.html
Protocol
SPDY
Server
2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-107.deploy.static.akamaitechnologies.com
Software
ebay server /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
http://colegioanahuac.mx/quintob/dieta/images/up.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Jun 2018 06:46:23 GMT
server
ebay server
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa ADMa DEVa PSDo PSAa OUR SAMo IND UNI COM NAV INT STA DEM PRE"
status
200
x-ebay-c-request-id
ri=DRQPYRe%2BCBQ3,rci=EMKNkip%2BIjzRtqLT
cache-control
private, no-cache
rlogid
t6qjpbq%3F%3Ctofthu%60t*2746%3A55%29pqtfwpu%29pie%29fgg%7E-fij-163c4659ab0-0x157
content-type
image/gif
content-length
42

Redirect headers

Pragma
no-cache
Date
Sun, 03 Jun 2018 06:46:22 GMT
Server
ebay server
P3P
policyref="/w3c/p3p.xml", CP="NOI CURa ADMa DEVa PSDo PSAa OUR SAMo IND UNI COM NAV INT STA DEM PRE"
location
https://rover.ebay.de/roversync/?site=77&stg=1&cguid=c46599e61630a9c118d51d1cf9f76939&mpt=1528008382950
X-EBAY-C-REQUEST-ID
ri=6CxnsAzb8GZU,rci=piWjnR3ZjND9emCt
Cache-Control
private,no-cache,no-store
RlogId
t6qjpbq%3F%3Ctofthu%60t*2203%3A65%29pqtfwpu%29pie%29fgg%7E-fij-163c46599e6-0x16a
Content-Type
image/gif
Content-Length
0
eBayISAPI.dll
b.stats.ebay.com/ws/
0
0

eBayISAPI.dll
586a5c14962lezvo.stats.ebay.com/ws/
0
0

imgbg.jpg
securepics.ebaystatic.com/aw/pics/cmp/ds3/
1 KB
2 KB
Image
General
Full URL
https://securepics.ebaystatic.com/aw/pics/cmp/ds3/imgbg.jpg
Requested by
Host: colegioanahuac.mx
URL: http://colegioanahuac.mx/quintob/dieta/images/up.html
Protocol
SPDY
Server
2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-107.deploy.static.akamaitechnologies.com
Software
eBay Server /
Resource Hash
b054c21c769e6e73a3f3f2e51ff27783043d87f8c4cb963c0554b33010fa3efc

Request headers

Referer
http://colegioanahuac.mx/quintob/dieta/images/up.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Sun, 03 Jun 2018 06:46:22 GMT
last-modified
Tue, 30 May 2017 20:58:47 GMT
server
eBay Server
etag
"570-550c411e57d01"
content-type
image/jpeg
status
200
cache-control
max-age=740242
accept-ranges
bytes
content-length
1392
expires
Mon, 11 Jun 2018 20:23:44 GMT
fb-all-prod.akamai.pp.min.js
www.paypalobjects.com/webstatic/r/fb/ Frame 0E01
48 KB
17 KB
Script
General
Full URL
https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.akamai.pp.min.js
Requested by
Host: colegioanahuac.mx
URL: http://colegioanahuac.mx/quintob/dieta/images/up.html
Protocol
SPDY
Server
2.18.233.20 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8a7b0ef0042a25ed17ab7aa1294d453ed4072ce3146368cbe8d78f4b17e73817
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://colegioanahuac.mx/quintob/dieta/images/up.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Sun, 03 Jun 2018 06:46:22 GMT
x-pad
avoid browser bug
x-content-type-options
nosniff
last-modified
Mon, 10 Aug 2015 04:55:21 GMT
server
Apache
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=86400
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-encoding
gzip
content-length
16684
expires
Mon, 04 Jun 2018 06:46:22 GMT
t_n.html
signin.ebay.de/ Frame ED83
0
0
Document
General
Full URL
https://signin.ebay.de/t_n.html?org_id=usllpic0&session_id=62586a6c1490a604a4639ae3ffee0df4
Requested by
Host: colegioanahuac.mx
URL: http://colegioanahuac.mx/quintob/dieta/images/up.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.67.135.182 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-67-135-182.deploy.static.akamaitechnologies.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

:method
GET
:authority
signin.ebay.de
:scheme
https
:path
/t_n.html?org_id=usllpic0&session_id=62586a6c1490a604a4639ae3ffee0df4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://colegioanahuac.mx/quintob/dieta/images/up.html
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
8533E87E5EACA14772F25B2D8158E9F0
Referer
http://colegioanahuac.mx/quintob/dieta/images/up.html

Response headers

status
200
server
Apache-Coyote/1.1
last-modified
Wed, 11 Apr 2018 00:34:44 GMT
content-type
text/html
vary
Accept-Encoding
content-encoding
gzip
expires
Sun, 03 Jun 2018 06:46:22 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Sun, 03 Jun 2018 06:46:22 GMT
content-length
1151
seal.gif
secureir.ebaystatic.com/pictures/aw/pics/globalHeader/
2 KB
2 KB
Image
General
Full URL
https://secureir.ebaystatic.com/pictures/aw/pics/globalHeader/seal.gif
Requested by
Host: colegioanahuac.mx
URL: http://colegioanahuac.mx/quintob/dieta/images/up.html
Protocol
SPDY
Server
2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-107.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9329e47d8f7f88e1b452b8520dbe8187523f2e109a98601376bb000e7806f418
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://colegioanahuac.mx/quintob/dieta/images/up.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Sun, 03 Jun 2018 06:46:22 GMT
x-cache-lookup
HIT from rnopicscache-16126:80
last-modified
Tue, 30 May 2017 20:59:28 GMT
server
Apache
status
200
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
access-control-allow-headers
*
content-length
1536
x-xss-protection
1; mode=block
expires
Mon, 03 Jun 2019 06:46:22 GMT
r32gctn0fu3vjkpge2mjhij3q.js
secureir.ebaystatic.com/v4js/z/i5/
102 KB
31 KB
Script
General
Full URL
https://secureir.ebaystatic.com/v4js/z/i5/r32gctn0fu3vjkpge2mjhij3q.js
Requested by
Host: colegioanahuac.mx
URL: http://colegioanahuac.mx/quintob/dieta/images/up.html
Protocol
SPDY
Server
2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-107.deploy.static.akamaitechnologies.com
Software
eBay Server /
Resource Hash
8e27b0403bf1062e5c8df7f76bb053bac530db88e86a3f5b99930b4dc78c69d1

Request headers

Referer
http://colegioanahuac.mx/quintob/dieta/images/up.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Sun, 03 Jun 2018 06:46:22 GMT
content-encoding
gzip
last-modified
Mon, 09 Oct 2017 21:43:16 GMT
server
eBay Server
status
200
x-edgeconnect-cache-status
1
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
access-control-allow-headers
*
content-length
31543
expires
Mon, 03 Jun 2019 06:46:22 GMT
wlt1m5gqge0wpkzj3qjrocjp4uv.js
secureir.ebaystatic.com/rs/v/
31 KB
10 KB
Script
General
Full URL
https://secureir.ebaystatic.com/rs/v/wlt1m5gqge0wpkzj3qjrocjp4uv.js
Requested by
Host: colegioanahuac.mx
URL: http://colegioanahuac.mx/quintob/dieta/images/up.html
Protocol
SPDY
Server
2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-107.deploy.static.akamaitechnologies.com
Software
eBay Server /
Resource Hash
5c07f2e467dc73f47ee4ad939e899c1e27e59c669235ce2b449e22bf47ea2b32

Request headers

Referer
http://colegioanahuac.mx/quintob/dieta/images/up.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Sun, 03 Jun 2018 06:46:22 GMT
content-encoding
gzip
status
200
x-ebay-c-version
1.0.0
content-length
9427
last-modified
Tue, 15 Sep 2015 15:35:19 GMT
server
eBay Server
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
rlogid
t6q%60utuf%3C%3Dosuufvuq%60%2844%3B54%3E6-163c4208aaf-0xbc
x-ebay-request-id
163c4208-aaf0-aa11-e892-9d9affe2267c
access-control-allow-headers
*
expires
Mon, 03 Jun 2019 06:46:22 GMT
341wgvdjgy2abb1qzf3cxflzf.js
secureir.ebaystatic.com/v4js/z/eu/
6 KB
2 KB
Script
General
Full URL
https://secureir.ebaystatic.com/v4js/z/eu/341wgvdjgy2abb1qzf3cxflzf.js
Requested by
Host: colegioanahuac.mx
URL: http://colegioanahuac.mx/quintob/dieta/images/up.html
Protocol
SPDY
Server
2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-107.deploy.static.akamaitechnologies.com
Software
eBay Server /
Resource Hash
116f9313e1d61163990a6ac705181bbcf1ca01c93176f49fa502bf505dbac109

Request headers

Referer
http://colegioanahuac.mx/quintob/dieta/images/up.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Sun, 03 Jun 2018 06:46:22 GMT
content-encoding
gzip
last-modified
Fri, 27 Apr 2018 06:41:46 GMT
server
eBay Server
status
200
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
access-control-allow-headers
*
content-length
2171
expires
Mon, 03 Jun 2019 06:46:22 GMT
rtm
srv.de.ebayrtm.com/ Frame 0655
9 B
446 B
Script
General
Full URL
https://srv.de.ebayrtm.com/rtm?RtmGetCapJs&p=18&rqid=62586a6c1490a604a46238b2ffe7689d&cb=parent.window.updateRtmField
Requested by
Host: colegioanahuac.mx
URL: http://colegioanahuac.mx/quintob/dieta/images/up.html
Protocol
HTTP/1.1
Server
66.135.211.22 Campbell, United States, ASN11643 (EBAY - eBay, Inc, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9088173db5a37e3a5b4d9e25cdd7d10505217415bf10cb6ddc2ccce74728d5d7

Request headers

Referer
http://colegioanahuac.mx/quintob/dieta/images/up.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sun, 03 Jun 2018 06:46:22 GMT
Server
Apache-Coyote/1.1
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
no-cache
RlogId
p4pphnmqj%3D9vjd32%2B62%3C660%3C-163c4659ac5-0xbd
Content-Type
application/x-javascript;charset=utf-8
Content-Length
9
Expires
0
zwab4ilpra3mdez1m5n553vkc.js
secureir.ebaystatic.com/v4js/z/yq/
76 KB
24 KB
Script
General
Full URL
https://secureir.ebaystatic.com/v4js/z/yq/zwab4ilpra3mdez1m5n553vkc.js
Requested by
Host: colegioanahuac.mx
URL: http://colegioanahuac.mx/quintob/dieta/images/up.html
Protocol
SPDY
Server
2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-107.deploy.static.akamaitechnologies.com
Software
eBay Server /
Resource Hash
2f5bc1f44198193569326ab9c452a74092b7ca602ae7b4152858a047ff5d7416

Request headers

Referer
http://colegioanahuac.mx/quintob/dieta/images/up.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Sun, 03 Jun 2018 06:46:22 GMT
content-encoding
gzip
last-modified
Sun, 03 Jun 2018 05:30:57 GMT
server
eBay Server
status
200
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/x-javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
access-control-allow-headers
*
content-length
24564
expires
Mon, 03 Jun 2019 06:46:22 GMT
sprSignIn2.png
securepics.ebaystatic.com/aw/pics/de/signin/
20 KB
20 KB
Image
General
Full URL
https://securepics.ebaystatic.com/aw/pics/de/signin/sprSignIn2.png
Requested by
Host: colegioanahuac.mx
URL: http://colegioanahuac.mx/quintob/dieta/images/up.html
Protocol
SPDY
Server
2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-107.deploy.static.akamaitechnologies.com
Software
eBay Server /
Resource Hash
23d84e14483490b839406c89c58debb5be02b92a6ec3b80247d16bb552bdc68f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://colegioanahuac.mx/quintob/dieta/images/up.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Sun, 03 Jun 2018 06:46:22 GMT
last-modified
Thu, 01 Jun 2017 22:41:43 GMT
server
eBay Server
etag
"4e4d-550edbdaf6779"
content-type
image/png
status
200
cache-control
max-age=3883475
accept-ranges
bytes
content-length
20045
x-xss-protection
1; mode=block
expires
Wed, 18 Jul 2018 05:30:57 GMT
eBayISAPI.dll
www.ebay.com/ws/
Redirect Chain
  • https://signin.ebay.com/ws/eBayISAPI.dll?SignInAuthRedirect&guid=true&isV4=true&ct=AQAAAUlO5vGbAAU3RXhCWHQrZzhFdGZsVHhxQXJBOEhmdHNqeXlJNmhKQlR1UFhFU1JNNGRjPYom%2FKdZawSCiywTZ99cF4jNndxh
  • https://www.ebay.com/ws/eBayISAPI.dll?SignInAuthRedirect&guid=true&isV4=true&ct=AQAAAUlO5vGbAAU3RXhCWHQrZzhFdGZsVHhxQXJBOEhmdHNqeXlJNmhKQlR1UFhFU1JNNGRjPYom%2FKdZawSCiywTZ99cF4jNndxh
162 B
716 B
Script
General
Full URL
https://www.ebay.com/ws/eBayISAPI.dll?SignInAuthRedirect&guid=true&isV4=true&ct=AQAAAUlO5vGbAAU3RXhCWHQrZzhFdGZsVHhxQXJBOEhmdHNqeXlJNmhKQlR1UFhFU1JNNGRjPYom%2FKdZawSCiywTZ99cF4jNndxh
Requested by
Host: colegioanahuac.mx
URL: http://colegioanahuac.mx/quintob/dieta/images/up.html
Protocol
SPDY
Server
2.18.234.107 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-107.deploy.static.akamaitechnologies.com
Software
Apache-Coyote/1.1 /
Resource Hash
67bcd2d2d17a769df440dcb9d89aad4e58d015691ce201eafcdd9b7116d71898

Request headers

Referer
http://colegioanahuac.mx/quintob/dieta/images/up.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Jun 2018 06:46:23 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
x-edgeconnect-midmile-rtt
5
x-edgeconnect-cache-status
0
vary
Accept-Encoding
content-type
text/html;charset=UTF-8
status
200
cache-control
private
content-length
170
x-edgeconnect-origin-mex-latency
213

Redirect headers

Date
Sun, 03 Jun 2018 06:46:23 GMT
X-Content-Type-Options
nosniff
x-frame-options
SAMEORIGIN
Location
https://www.ebay.com/ws/eBayISAPI.dll?SignInAuthRedirect&guid=true&isV4=true&ct=AQAAAUlO5vGbAAU3RXhCWHQrZzhFdGZsVHhxQXJBOEhmdHNqeXlJNmhKQlR1UFhFU1JNNGRjPYom%2FKdZawSCiywTZ99cF4jNndxh
rlogid
t6pbhnmpo%3D9vjdpbhnmpo*2214177-163c4659b18-0x1b05
Connection
keep-alive
Vary
Accept
Content-Length
0
x-xss-protection
1; mode=block
counter2.cgi
dub.stats.paypal.com/ Frame 3B18
Redirect Chain
  • https://b.stats.paypal.com/v1/counter.cgi?r=cD02MjU4NTljODE0OTBhNTZjZDYzMTg1ZTJmZmZkOGU2YSZpPTg2LjEyNi4xMjQuODgmdD0xNDE0Njk0MjAxJmE9MjB8RJs43LtT_IwOMUtbSVsiKUY9bw==
  • https://dub.stats.paypal.com/counter2.cgi
42 B
494 B
Image
General
Full URL
https://dub.stats.paypal.com/counter2.cgi
Requested by
Host: colegioanahuac.mx
URL: http://colegioanahuac.mx/quintob/dieta/images/up.html
Protocol
HTTP/1.1
Server
176.120.18.70 , United States, ASN198911 (BML-AS, US),
Reverse DNS
Software
/
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
http://colegioanahuac.mx/quintob/dieta/images/up.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sun, 03 Jun 2018 06:46:22 GMT
Cache-Control
private, must-revalidate, proxy-revalidate
Server
Connection
close
ETag
"ec784e95c9f40451ca18"
Content-Length
42
Content-type
image/jpeg

Redirect headers

Location
https://dub.stats.paypal.com/counter2.cgi
Date
Sun, 03 Jun 2018 06:46:22 GMT
Server
Connection
close
Content-Length
289
Content-Type
text/html; charset=utf-8
i
c.paypal.com/v1/r/d/ Frame 55C8
0
0
Document
General
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.akamai.pp.min.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.akamai.pp.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2.18.233.21 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-21.deploy.static.akamaitechnologies.com
Software
Apache / JSP/2.2
Resource Hash

Request headers

Host
c.paypal.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://colegioanahuac.mx/quintob/dieta/images/up.html
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
8533E87E5EACA14772F25B2D8158E9F0
Referer
http://colegioanahuac.mx/quintob/dieta/images/up.html

Response headers

Server
Apache
Pragma
Pragma no-cache
CORRELATION-ID
d94c2309235b3
X-Powered-By
JSP/2.2
HTTP_X_PP_AZ_LOCATOR
dcg12.slc
Paypal-Debug-Id
d94c2309235b3
X-Cnection
close
Content-Type
text/html;charset=ISO-8859-1
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
171
Cache-Control
private, no-cache, no-store, must-revalidate
Expires
Sun, 03 Jun 2018 06:46:22 GMT
Date
Sun, 03 Jun 2018 06:46:22 GMT
Connection
keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
b.stats.ebay.com
URL
https://b.stats.ebay.com/ws/eBayISAPI.dll?V4AppCounter&r=n2S4GT4TyOQ-Y5HK6WYu2uLiiiVAYugZR_MVWNntp8DVIz-mwJxhZFaqie-L6Bg4MLpaZCcRNfhPSFioc4syZMviLOwc7kKIK0Q1ycc3qxoxQjzE8_2Z8gqGKTjT8GdzmnbreA**&seq=1
Domain
586a5c14962lezvo.stats.ebay.com
URL
https://586a5c14962lezvo.stats.ebay.com/ws/eBayISAPI.dll?V4AppCounter&r=n2S4GT4TyOQ-Y5HK6WYu2uLiiiVAYugZR_MVWNntp8DVIz-mwJxhZFaqie-L6Bg4MLpaZCcRNfhPSFioc4syZMviLOwc7kKIK0Q1ycc3qxoxQjzE8_2Z8gqGKTjT8GdzmnbreA**&seq=2

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: eBay (E-commerce)

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Variable (type):
corId (string), srcId (string), bUrl (string), paypalJs (string), dom (undefined), doc (object), where (object), iframe (object),
rtmAsyncURL (string), updateRtmField (function), pageID (string), pageName (string), vjo (object), clz (string), ed (function),
_GlobalNavHeaderUtf8Encoding (boolean), includeHost (string), _oGlobalNavRTMInfo (object), _GlobalNavHeaderStatic (boolean), _GlobalNavHeaderCookieTracking (boolean),
GH (object), GH_config (object), svrGMT (number), deconcept (object), getQueryParamValue (function), FlashObject (function), SWFObject (function),
_a2, _b2, _c2, _d2, _e2, _f2, _g2, _h2, _i2, _j2, _k2, _l2, _m2, _n2, _o2, _p2, _q2, _r2, _s2 (function),
AO_timer_resize (undefined), AO_timer_scroll (undefined),
_t2, _u2, _v2, _w2, _x2, _y2, _z2 (function),
_ba2, _bb2, _bc2, _bd2, _be2, _bf2, _bg2, _bh2, _bi2, _bj2, _bk2, _bl2, _bm2, _bn2, _bo2, _bp2, _bq2, _br2, _bs2, _bt2, _bu2 (function),
setVariable (function), cId (string), AO_globals (object), webkit (boolean), html_storage (object), PFB_4732 (object)

5 Cookies

Domain/Path Name / Value
.paypal.com/ Name: X-PP-SILOVER
Value: name%3DLIVE3.APIC.1%26silo_version%3D880%26app%3Driskclientmetadatapiserv_apic%26TIME%3D3196982107%26HTTP_X_PP_AZ_LOCATOR%3Ddcg01.phx
.paypal.com/ Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK
Value: NhryQoin76kFd3GE4gavjOZsf6uny_iPw82L1mto4vn1QASllExDhjcqKpmBa-HsRqdgjMLYyO23HKYd
.c.paypal.com/ Name: sc_f
Value: WshvSTNHm7QBsMYI64uddmmB0NI_UoOFcCkGnvS1-JvxdTvFhXLS6sfhSM6AZyibCi-5ldFk_asHe-R5PmXTKD-5MM96xmwDhdWmg0
c.paypal.com/ Name: PP-Corr-Id
Value: EBAY_SIGNIN:625859c81490a56cd63185e2fffd8e6a
.ebay.de/ Name: npii
Value: btguid/c4659aa31630a993e0930ab7f9fd7c3e5cf4c23f^cguid/c46599e61630a9c118d51d1cf9f769395cf4c23f^

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

586a5c14962lezvo.stats.ebay.com
b.stats.ebay.com
b.stats.paypal.com
c.paypal.com
colegioanahuac.mx
dub.stats.paypal.com
rover.ebay.com
rover.ebay.de
secureir.ebaystatic.com
securepics.ebaystatic.com
signin.ebay.com
signin.ebay.de
srv.de.ebayrtm.com
www.ebay.com
www.paypalobjects.com
586a5c14962lezvo.stats.ebay.com
b.stats.ebay.com
176.120.18.70
2.18.233.20
2.18.233.21
2.18.234.107
23.67.135.182
66.135.195.83
66.135.211.22
66.211.185.47
72.29.77.180
116f9313e1d61163990a6ac705181bbcf1ca01c93176f49fa502bf505dbac109
23d84e14483490b839406c89c58debb5be02b92a6ec3b80247d16bb552bdc68f
2f5bc1f44198193569326ab9c452a74092b7ca602ae7b4152858a047ff5d7416
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
5440e48584e47738479ccd905576e9ddf2097d07b6c7ba81dda6eeb13b1d4af0
5c07f2e467dc73f47ee4ad939e899c1e27e59c669235ce2b449e22bf47ea2b32
67bcd2d2d17a769df440dcb9d89aad4e58d015691ce201eafcdd9b7116d71898
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
8a7b0ef0042a25ed17ab7aa1294d453ed4072ce3146368cbe8d78f4b17e73817
8e27b0403bf1062e5c8df7f76bb053bac530db88e86a3f5b99930b4dc78c69d1
9088173db5a37e3a5b4d9e25cdd7d10505217415bf10cb6ddc2ccce74728d5d7
9329e47d8f7f88e1b452b8520dbe8187523f2e109a98601376bb000e7806f418
b054c21c769e6e73a3f3f2e51ff27783043d87f8c4cb963c0554b33010fa3efc
d9c9cf360a34a7a8a0e831a70e7edd079e4cea3ce9c2c99f60c7c48c42c9e200